Adobe Analytics
Connecting to Adobe Analytics
In order to connect to Adobe Analytics, the GlobalCompanyId and RSID need to be identified. By default, the provider attempts to automatically identify your company and report suite. Alternatively, you can identify the company and report suite explicitly:
Global Company Id
GlobalCompanyId is an optional connection property. If left empty, the provider tries to automatically detect the Global Company ID. To find the Global Company ID:
Find it in the request URL for the users/me endpoint on the Swagger UI.
Expand the users endpoint and then click the GET users/me button.
Click the Try it out > Execute buttons.
Set the GlobalCompanyId connection property to the Global Company ID shown in the Request URL immediately preceding the users/me endpoint.
Report Suite Id
RSID is an optional connection property. If not set, the driver tries to automatically detect it. To get a full list of your report suites along with their identifiers next to the name, navigate to Admin > Report Suites.
Authenticating to Adobe Analytics
Adobe Analytics uses the OAuth authentication standard. You can authenticate with OAuth integration or Service Account integration.
User Accounts (OAuth)
AuthScheme must be set to OAuth in all user account flows.
You must create a custom OAuth app to connect to the Adobe Analytics.
Create an App for OAuth Integration
Follow the steps below to create a custom app and obtain the connection properties in a specific OAuth authentication flow.
Navigate to the following URL: https://console.adobe.io/home.
Click the Create new project button.
Select the Add API option.
Select Adobe Analytics, click Next, and then select OAuth and then click Next again.
Select the Web option and fill out the redirect URIs. For a desktop application, you can use a localhost URL such as https://localhost:33333. For a web application, supply the URL of the page to redirect to on your website.
Click Save configured API.
Your client is now created. Notice your client has an Client ID (API Key) and a Client Secret. These will be needed to get your auth code and to generate access tokens.
Create an App for Service Account Integration
Follow the steps below to create a custom app and obtain the connection properties in a specific Service Account authentication flow.
Navigate to the following URL: https://console.adobe.io/home.
Click the Create new project button.
Select the Add API option.
Select Adobe Analytics, click Next, and then select Service Account (JWT) and then click Next again.
Choose either to Generate a key pair or Upload your public key. If you choose to Generate a key pair, save the config.zip file locally as this contains the certificate you'll need to complete the connection. Click Next after the key is created or uploaded.
Creating Your Own Public Key Certificate
MacOS and Linux Open a terminal and execute the following command: openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout private.key -out certificate_pub.crt
Windows Download an OpenSSL client such as OpenSSL Light to generate public certificates. The following steps will be for OpenSSL Light Open a command line window and execute the following commands: 1) cd "C:\Program Files\OpenSSL-Win64\bin" 2) .\openssl.exe req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout private.key -out certificate_pub.crt
Select one or more product profiles (in product profiles you can set permissions of the app.) and then click Save configured API.
Your client is now created. Notice your client has Client ID (API Key), Client Secret, Organization ID and Technical account ID. These will be needed to get JWT token and to generate access tokens.
Get and Refresh the OAuth Access Token
After setting the following, you are ready to connect:
InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
OAuthClientId (custom applications only): Set this to the client Id assigned when you registered your app.
OAuthClientSecret (custom applications only): Set this to the client secret assigned when you registered your app.
CallbackURL (custom application only): Set this to the redirect URI defined when you registered your app. For example: https://localhost:3333
When you connect, the provider opens Adobe Analytics's OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process:
The provider obtains an access token from Adobe Analytics and uses it to request data.
The OAuth values are saved in the path specified in OAuthSettingsLocation, to be persisted across connections.
The provider refreshes the access token automatically when it expires.
Service Account (JWT OAuth)
Set the AuthScheme to OAuthJWT to authenticate with this method.
Service accounts have silent authentication, which does not require user authentication in the browser. You need to create an application in this flow. See Creating a Custom OAuth App to create and authorize an app. You can then connect to Adobe Analytics data that the service account has permission to access.
After setting the following connection properties, you are ready to connect:
InitiateOAuth: Set to GETANDREFRESH.
OAuthClientId: Set to the client Id in your app settings.
OAuthClientSecret: Set to the client secret in your app settings.
OAuthJWTCertType: Set to "PUBLIC_KEY_FILE".
OAuthJWTCert: Set to the path to the .key file you generated.
OAuthJWTCertPassword: Set to the password of the .key file.
OAuthJWTSubject: The subject, your Technical Account ID from the Adobe I/O Console integration, in the format: id@techacct.adobe.com.
OAuthJWTIssuer: The issuer, your Organization ID from the Adobe I/O Console integration, in the format org_ident@AdobeOrg. Identifies your organization that has been configured for access to the Adobe I/O API.
When you connect the provider completes the OAuth flow for a service account.
Creates and signs the JWT with the claim set required by the provider.
Exchanges the JWT for the access token.
Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
Submits the JWT for a new access token when the token expires.
Last updated